EC-Council Network Security Administrator Exam Information

Credits Towards Certification

EC-Council Network Security Administrator

Exam Details

  • Number of Questions: 50
  • Passing Score: 70%
  • Test Duration: 2 hours
  • Test Format: Multiple choice
  • Test Delivery: Prometric Prime Online Web site, EC-Council Exam Portal


Exam Code

The exam code varies when taken at different testing centers.
  • Prometric Prime: 312-38
  • EC-Council Exam Portal: 312-38

Skills Measured

The exam 312-38 tests ENSA candidates on the following 30 domains.
  • Fundamentals of Networks
  • Network Protocols
  • Protocol Analysis
  • Hardening Physical Security
  • Network Security
  • Security Standards Organizations
  • Security Standards
  • Security Policy
  • IEEE Standards
  • Network Security Threats
  • Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
  • Firewalls
  • Packet Filtering and Proxy Servers
  • Bastion Host and Honeypots
  • Securing Modems
  • Troubleshooting Network
  • Hardening Routers
  • Hardening Operating Systems
  • Patch Management
  • Log Analysis
  • Application Security
  • Web Security
  • E-Mail Security
  • Authentication: Encryption, Cryptography and Digital Signatures
  • Virtual Private Networks
  • Wireless Network Security
  • Creating Fault Tolerance
  • Incident Response
  • Disaster Recovery and Planning
  • Network Vulnerability Assessment

ENSA (312-38) Exam

Fundamentals of Computer Network

  • Defines the nodes, the network backbone, segments, and subnets
  • Describes the logical elements of a network, IP addresses, IP address space, and assignment of IP addresses
  • Explains how to create a Domain Name Space (DNS), creating a new domain name, and components of DNS
  • Explains the working and functional categories of gateways
  • Discusses the various types of media used to connect networks, wired media or bounded network media, twisted pair cable, and wireless transmission
  • Describes the media access methods such as the multiplexed media access, polling, and token-based media access
  • Explains the OSI and TCP/IP reference models and their corresponding layers
  • Describes the methods of data transmission: simplex, half duplex, and full duplex
  • Discusses the classification of networks, such as client server networking, peer to peer networking, and mixed mode networking
  • Explains the physical arrangement of the Network, the topologies such as bus, star or hub, ring, mesh, tree, and hybrid topology
  • Details the Physical Network Classification including the LAN, WAN, MAN, PAN, CAN, and GAN
  • Explains the functions of network equipment such as network interface cards, access points, switches, concentrators/hub, modem, router, brouter, bridges, adapters, network load balancers, repeaters, gateways, transceivers, converters, and terminals

Network Protocols

  • Defines the functions and introduces the network protocols
  • Explains TCP/IP and the configuration of TCP/IP, network classes, and telnet
  • Describes the application layer protocols such as BOOTP, DCAP, DHCP, DNS, FTP, TFTP, NTP, NNTP, SNMP, IRCP, SLP, HTTP, and HTTPS in detail
  • Explains the light weight presentation layer protocol
  • Describes the remote procedure call protocol of session layer
  • Describes the reliable data protocol, transmission control protocol and the user data protocol
  • Explains the routing protocols such as BGP, EGP, IP, ICMP, IGMP, IRDP, Mobile IP, NHRP, OSPF and Multicasting Protocols such as BGMP and DVMP of Network layer Protocol
  • Explains the data link layer protocols such as ARP, RARP, and NARP

Protocol Analysis

  • Describes the protocol suite in TCP/IP, layers of TCP/IP, sliding windowing, and acknowledgement
  • Defines the header format of TCP and different options in the header
  • Explains the interfaces used in TCP/IP, user/TCP interface commands, and TCP/lower level interface commands
  • Describes the algorithms in TCP, Checksum calculation, performance estimation and problems related to TCP, overview of IP, and the header format of IP
  • Provides the introduction to IP datagram and different techniques associated with IP datagram, parameter problem in IP
  • Discusses the IPv6 including the header format, tunneling, and multicast mechanisms

Hardening Physical Security

  • Discusses the need for physical security, statistics, physical security breach incidents, and who is accountable for physical security
  • Defines the factors affecting physical security, and types of attackers
  • Describes the physical security threats, and methods to detect physical hazards
  • Provides an overview of how to implement premises security, using smart cards, and proximity cards
  • Explains the process of biometrics, accuracy of biometrics, and applications of biometrics
  • Discusses implementing workplace security and desktop security
  • Explains securing network devices, server security, securing backup devices, CCT (Closed Circuit Television)/Cameras, and EPS (Electronic Physical Security)
  • Discusses the challenges in ensuring physical security, countermeasures, and mantrap
  • Defines a physical security checklist

Network Security

  • Provides an overview of network security
  • Discusses the need for network security
  • Explains the goals of network security
  • Describes the need for security awareness
  • Discusses the functions of network security administrator

Security Standard Organizations

  • Provides an overview of the Internet Corporation for Assigned Names and Numbers (ICANN), the role of ICANN, and the working of ICANN
  • Provides an overview of the International Organization for Standardization (ISO), how ISO standards benefit society, and ISO applications
  • Defines the structure of International Telecommunication Union (ITU)
  • Defines the structure of American National Standards Institute (ANSI)
  • Defines the structure of Institute of Electronics and Electrical Engineers (IEEE)
  • Provides an overview of the Electronic Industries Association (EIA)
  • Defines the structure of National Institute for Standards and Technology (NIST), and overview of Services
  • Explains the structure of World Wide Web Consortium (W3C), and activities
  • Provides an overview of the Web Application Security Consortium (WASC), and board of directors responsibilities

Introduction to Internet Standards

  • Discusses the introduction of Internet standards, standards creation committee, and Internet standards
  • Explains the RFC evolution, RFC submission process and obtaining RFC
  • Describes the cabling standards, EIA/TIA-568, and UTP categories

Security Policy

  • Provides an overview of the security policy, benefits, concept, and key elements of security policy
  • Discusses the security awareness program through meetings and training
  • Explains the purpose and goals of security policy, classification systems, and security policy framework
  • Discusses the vital role of security policy, classification of security policy, and types of security policies
  • Describes the security policy structure, contents of security policy, privacy and confidentiality, security levels, security organizations and security policy features
  • Explains the configuration of security policy, implementation of security policy, incident handling and escalating procedures, security operations, and life cycle management
  • Details the process of securing assets, defining responses to security violations, presenting and reviewing the process, compliance with law and policy, transborder encryption issues, and points to remember while writing security policy

IEEE Standards

  • Provides an overview and architecture of IEEE 802, and the history of 802 standards
  • Discusses the objectives of IEEE Standards, the IEEE 802 Bridging and Management, 802.2 Logical Link Control Layer, 802.3 CSMA/CD (Ethernet), 802.4 Token Passing Bus, 802.5 Token Ring Passing, 802.6 DQDB Access Method, 802.7 Broadband LAN, 802.10 Security, 802.11 Wireless LAN (WLAN), 802.12 Demand Priority Access, 802.15 Wireless Personal Area Network, 802.16 Broadband Wireless MAN (WMAN), and the 802.17 Resilient Packet Ring
  • Explains the Wireless Networking Standards
  • Elucidates the ETSI Standards, HIPERLAN, Family of HIPERLAN standards, HIPERLAN/1, HIPERLAN/2, HiperAccess, HiperLink, and the HiperMAN

Network Security Threats

  • Provides an overview of the various kinds of security threats, and the current security threats statistics. Defines the terms such as: vulnerability, threats, and attacks, types of attacks, and classification of hackers.
  • Explains the techniques in network attacks. Discusses various techniques, Common Vulnerabilities and Exposure (CVE), various threats, attacks, and hiding evidence of an attack
  • Discusses how to create a Domain Name Space, creating a new domain name, and the components of DNS
  • Explains the working and functional categories of gateways and functional categories of gateway devices
  • Discusses various tools and algorithms that help in Windows forensics

Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)

  • Discusses the Intrusion Detection System (IDS), the history of IDS, and various intrusion detection concepts
  • Explains the methods to choose IDS for an organization
  • Discusses the characteristics of IDS, importance of IDS, and aggregate analysis of IDS
  • Explains the various types of IDS. For NIDS, explains the architecture, operational concept, network-based detection, and related tools; for HIDS, covers the architecture, operational concept, host-based detection, and its tools; and explains the difference between NIDS and HIDS
  • Describes the Hybrid IDS framework, Prelude IDS, components and interaction between Prelude components like relaying, reverse relaying, and the functioning of the Libsafe tool
  • Discusses distributed IDS including its advantages, components, protocol IDS, Network Behavior Analysis, Unified Threat Management, and deployment of the IDS
  • Discusses various types of IDS signatures, True/False-Positive/Negative, and major methods of operation
  • Explains the working of tools such as Snort, BlackICE, M-ICE, Secure4Audit, Emerald, NIDES, SECUREHOST, and the GFI EventsMANAGER
  • Explains the IPS and its Strategies
  • Describes the process of raw packet capture, filtering, packet decoding, storage, fragment reassembly, stream reassembly, stateful inspection of TCP sessions, and firewalling
  • Explains the working of IPS Tools such as Sentivist, Stonegate IPS, and McAfee

Firewalls

  • Explains the security features of a firewall, components, operations, and types of firewalls
  • Defines the types of firewalls based on the functionality, the PIX firewall, and its features
  • Explains the rules and restrictions that are to be applied for the good performance of a firewall
  • Explains the configuration strategies in firewall. Describes the features such as scalability, portability, architecture of firewall based on dual homed, screened host, and screened subnet
  • Discusses threats and security risks in firewall, protection of network against hacking, centralization and documentation of the firewall, and multi-layer firewall
  • Explains the deployment strategies of firewall, firewalls within router. Introduces DMZ, multi-firewall DMZ, and advantages and disadvantages of firewall
  • Discusses the threats to firewall, such as firewalking, banner grabbing, and placing backdoors
  • Provides an understanding of the limitations of firewall, personal firewall software and hardware
  • Discusses how the firewall logs affect the performance, the firewall analyzer, importing logs and archiving logs, firewall builder, and wflogs
  • Explains the features and functions of the firewall products such as Wingate, Symantec, firewall tester like firewalk and ftester

Packet Filtering and Proxy Server

  • Provides an understanding of Packet Filtering. Discusses application layer gateway, network address translation, packet filtering, packet sequencing and prioritization, packet fragmentation, and analyzing packet signatures
  • Explains the process of configuring packet filtering and its types. Discusses various types of filtering such as stateful packet filtering, stateless packet filtering, and dynamic packet filtering
  • Explains the pros and cons of filtering and flags used. Discusses advantages and disadvantages of filtering and flags used
  • Provides an understanding of the proxy server. Discusses proxy servers, role of proxy servers, routed environment, proxy control, and the socks proxy
  • Explains the authentication process and firewalls in proxy server. Discusses the authentication process, centralized authentication services, and application proxy firewall
  • Provides an understanding of the security and benefits of proxy server. Discusses security and access control, reverse proxies, and difference between proxy server and packet filtering

Bastion Host and Honeypots

  • Explains the concept of Bastion Host, which includes its principles, the need for a bastion host, and how to build a bastion host. Explains configuring Bastion Host, locating Bastion Host, securing the machines, defending bastion host, selecting services, disabling accounts and unnecessary services, handling backups, and roles and security policy of Bastion Host
  • Discusses Honeypot, History, Value, and types of Honeypots
  • Details the classification of Honeypots such as low-interaction, medium-interaction, and high-interaction Honeypot, and examples of Honeypots like BOF, Specter, Honeyd, Homemade, Mantrap, and the Honeynet
  • Explains the Homemade Honeypot and advantages and disadvantages of Honeypot
  • Introduces the Honeynet, its architecture, types, and legal related issues

Securing Modems

  • Provides an overview to modems, the origin of modems, and various features of modems
  • Discusses various types of modems like hardware modems, Optical Modems, Short Haul Modems, Smart Modem, Controller Less Modem, Acoustic Modem, and the Null Modem
  • Explains Modem security, Additional security to modem, and categorizing modem access
  • Describes the Modem attacks such as Spoofing attacks, Call Forwarding attacks, and war dialing, and Modem risks like War dialers and packet sniffing
  • Explains the Modem failure Symptoms, Modem Firmware Failure, and Primary Modem Failures
  • Discusses reasons for modem connection failures and some common failures in modems
  • Explains the process of troubleshooting modems, and External and Internal modems

Troubleshooting Network

  • Explains the Troubleshooting Strategies and methodologies. Discusses the Troubleshooting Strategy, Recognizing Symptoms, Analyzing Symptoms, Understanding the problem, System Monitoring Tools, Testing the cause of the problem and solving the problem
  • Discusses how to troubleshoot network devices, Bridge, hubs, network interface cards etc. Includes troubleshooting Network devices such as Windows PC Network Interface Card, Cisco Aironet Bridge, bridges using the Virtualization Engine, BR350 (Bridge), Diagnosing Repeater and Gateway Problems, Hubs and Switches, cable modem, DSL or LAN Internet Connection, a Universal Serial Bus Device, and the IEEE 1394 Bus devices
  • Explains what to do when the network slows down. Discusses Troubleshooting Network Slowdowns, which includes NetBios Conflicts, IP Conflicts, Bad NICs, DNS Errors, Insufficient Bandwidth, Excessive Network Based Application, Daisy Chaining, and Spyware Infestation
  • Describes the process of troubleshooting Wireless devices such as Checking the LED Indicators, Checking Basic setting, SSID, WEP Keys, Security Setting, and Device Manager
  • Describes the process of troubleshooting Network Communication such as identifying communication problems, using Ping and Traceroute, exploring Network Communications, Finding Path Information, Access point Interface, and Identify Communication Capabilities
  • Describes how Load balancing reduces network traffic. Explains the Network adapter Troubleshooting. Discusses how to isolate networking problems (Windows XP).
  • Explains how to overcome the Connectivity problem
  • Explains the most commonly used TCP/IP Troubleshooting utilities. Discusses TCP/IP Troubleshooting Utilities, including Troubleshooting with IP Configuration Utilities, with Ping, with Tracert, with ARP, with Telnet, with Nbtstat, with Netstat, with FTP, and with Nslookup
  • Describes the working of troubleshooting tools. Discusses troubleshooting tools, including hardware-based troubleshooting tools, network technician’s hand tools, the POST card, memory testers, electrical safety rules, wire crimpers, punch down tools, circuit testers, voltmeters, cable testers, crossover cables, hardware loopback plugs, LED indicator lights, and tone generators

Hardening Routers

  • Details the routing metrics, router types, algorithms of routers, and Internetwork Operating System
  • Explains the principles of routing, and router’s modes of operation
  • Describes the process of configuring IP, RIP, configuring the router, external, internal configuration modes
  • Explains the configuration modes like interface, line, ROM, and privilege monitor
  • Discusses methods of hardening a router, passwords, secrets, user accounts sessions
  • Defines what Cisco discovery is, the logging concept, and Cisco logging options
  • Explains how to create access control list, implementing, monitoring and logging system error messages
  • Explains how to secure routers, configuring SSH, ciphers, MAC, compression, and root logins
  • Defines the Router commands, types of routing, and protocols
  • Explains the working of troubleshooting tools, PPP, X.25, ISDN, Frame relay, components of router security, and testing tools

Hardening Operating Systems

  • Explains what BIOS security is, the Windows registry, working of registry editor, and Root kit revealer. Explains configuring Windows services such as e-mail service, regional settings, etc.
  • Defines how resources are accessed in a network, access control, DACL, what the objects and permissions are, introduction to NTFS, EFS, and infrastructure features of the Windows operating system
  • Provides an understanding of Kerberos authentication, trust relationship between domains, and IPSec
  • Describes the various features of Windows 2003 such as authentication, security configuration, EFS, and network security
  • Explains the concept of Certification Authority of Windows, implementation of the CA, and enterprise root CA
  • Defines the Linux user and file system, data and network security, introduction to account security, and user management, some OS security measures, and interface configuration
  • Describes the PAM module, configuration files framework, and security, network information services, and an introduction to system logger utility
  • Provides an understanding of how to secure UNIX and the UNIX Security Checklist
  • Explains the security with Macintosh, Enterprise security, Kerberos authentication, and application security
  • Discusses Vista Security and installation of Windows Vista

Patch Management

  • Discusses the concept of Patch Management, Types of Patches defined by Microsoft
  • Describes the Patch testing
  • Explains the process of Patch Monitoring and Management, how to Create a Change Process, and to Monitor the Patch Process
  • Discusses Consolidating Patches on Red Hat Network, Red Hat Up2date Patch Management Utility Installation Steps, and Red Hat Up2date Patch Management: Command Line Interface
  • Explains the Microsoft Patch Management Process
  • Provides details of the Windows Update Services, Microsoft Software Update Services, Windows Server Update Services (WSUS), WSUS Vs SMS 2003, and Role of SMS in Patch Management Process
  • Describes the working of Patch Management Tools

Log Analysis

  • Introduces the concept of log analysis. Discusses log analysis, Audit events, and log types
  • Categorizes the log files and discusses Log files, Access_log, Agent_log, Error_log, refer_log and TCPDump Logs
  • Provides an understanding of the concept of web server Log Analysis. Discusses web server log analysis and its tools, Apache log, IIS log, and limitations of log file analysis
  • Helps in identifying Syslog statistics and analysis. Discusses syslog, and statistics and analysis of syslog
  • Provides an understanding of the concept of logging including the overview of Logging, Setting up Remote Logging, Windows Logging, and Application Logging and Firewall Logging
  • Introduces Monitoring and security events. Discusses Monitoring and Security events, Importance of Time Synchronization, and Passive Detection Methods and Scripting
  • Explains the working of Log Analysis tools. Discusses log analysis tools such as Userlock and WStool and auditing tools like ADSIC, Tenshi, SpoofMAC, and Gentle MAC Pro
  • Explains the working of various log parsing tools such as: LogSentry, SL2, Flog, SLCT, xlogmaster, Geek Tool, Dump.exe, Watchlog, and Logdog
  • Introduces the Log File Rotation Tools like Logcontroller, Newsyslog, Spinlogs, Trimlog, SLRS, and Bzip2
  • Discusses Secure logs and features, and provides an understanding of Log security

Application Security

  • Discusses the issues that make Web Security difficult
  • Explains the various Application Threats and Countermeasures, Input Validation, Authentication, Authorization, and Configuration Management
  • Discusses Securing Web Applications, Authentication, and Authorization. Discusses Managing Sessions, working of Cookies, Persistent vs. Non-Persistent Cookies, Secure vs. Non-secure Cookies, Session Tokens, Authentication Tokens, Event Logging, and Log Management.
  • Describes the Embedded Application Security, TCP/IP Security Technology, IPSec and SSL Security, IPSec and SSL In Embedded Systems, Network Security For Embedded Applications, and Embedded Network Security Hardware Instructions
  • Discusses the Remote Administration Security and preventive methods for unauthorized Persons
  • Introduces the concept of Threat modeling, use of Threat modeling, Terminology, Input and Output of Threat modeling, step by step approach, and the five steps of Threat modeling

Web Security

  • Explains various types of network threats. Discusses the need for web security, and common Threats on the web.
  • Discusses how to Identify unauthorized Network Devices, Restrictive Access, Network Address, Altering Network Addresses, Tracking the connectivity, Testing the traffic Filtering Devices, and Installing and protecting IIS
  • Discusses how to Identify Client Authorization, Certificate Authorities, Client-side Data, Client Authentication, and Input Data Validation
  • Explains the process of deploying and managing Web-based solutions. Discusses Browsing analysis, Browser Security for Mozilla Browser, Internet Explorer, Security Settings of Internet Explorer, Browser Hijacking, Tools to Hijack, Browser Analysis, and Browser security settings
  • Describes the concept of Plug-ins. Discusses Plug-ins for Netscape/IE, Mozilla Firefox Plug-ins, Accessibility Analyzer, Way back versions, Validate P3P, Links, RSS, CSS and HTML, View-in, BugMe Not, Webpage Speed Report, and Open Text
  • Explains the Common Gateway Interface (CGI). Discusses CGI, CGI Script, and CGI operation.

E-Mail Security 

  • Analyzes the key concepts of Electronic Mail: Describes the concept of E-mail, history, basics of E-mail, types of E-mail and compares Web Based e-mails with Pop3 e-mails
  • Explains implementing the components of an E-mail such as: Headers, opening attachments, reading e-mails for different clients, field names and values, address list, recipients and senders and response targets and threading
  • Explains the Configuring and Testing of E-mail Servers such as: Unix Email Servers, Microsoft Exchange 2000 Email Server, Novell GroupWise Email Server, and Testing the Email Server.
  • Discusses the analysis of the core elements in e-mail Encryption. Discusses Centurion mail, Kerberos, Hush Mail, Pretty good privacy and Secure Hive
  • Explains how to configure Outlook Express and Install WorkgroupMail, how to secure e-mail and e-mail authentication
  • Describes how to identify common email protocols such as: Multipurpose Internet Mail Extensions (MIME) /Secure MIME, Pragmatic General Protocol (PGP), Simple Mail Transfer Protocol (SMTP), Post Office Protocol (POP) and its POP3, and Internet Message Access Protocol (IMAP)
  • Details the Client Server Architecture in LAN and in Internet
  • Analyzes the risks related to e-mail Security such as: Spoofed Addresses, Spam, Hoaxes, Phishing, Snarfing, Malware, E-Mail spoofing, E-Mail viruses, Gateway virus scanners, Outlook Viruses, E-mail Attachment Security, E-Mail Spamming, E-Mail Bombing, Chain letters and How to defend against E-Mail Security Risks
  • Explains how to implement the tools to secure e-mail such as: ClipSecure, CryptoAnywhere, BCArchive, CryptainerLE, GfiMailEssentials and SpamAware
  • Describes the process of tracking an E-mail and the working of readnotify tool

Authentication: Encryption, Cryptography and Digital Signatures

  • Defines Authentication, VeriSign Authentication, and Evolution of Encryption
  • Discusses Symmetric vs. asymmetric encryption, symmetric key encryption, asymmetric key encryption, Hashing, PGP, X.509, and SSL.
  • Explains the IPSec Architecture, Components of IPSec, IPSec Modes, IPSec Processing, Enabling IPSec, Algorithms for IPSec, IPSec Protocols, Levels of IPSec, and IPSec Policies
  • Describes the concept of Cryptography, History, Math and Algorithms, Message Authentication, DES for Encryption, DES ECB and CBC Analysis, 3DES, HMAC/MD5 and SHA for Authentication and IPSec Limitations
  • Describes the Digital Certificates, Public and Private Keys, and Certificate Encryption Process
  • Describes the Digital Signatures, its features, Digital Signature In practice, and PKI

Virtual Private Networks

  • Describes the concept of Virtual Private Network (VPN), Classification, Internal LAN VPNs, Remote Access VPNs, and Extranet VPNs
  • Discusses Tunneling, Types such as: Voluntary Tunneling, Compulsory Tunneling; VPN Tunneling Protocols, Point-to-Point Tunneling Protocol (PPTP), Layer Two Tunneling Protocol (L2TP), and Internet Protocol Security (IPSec)
  • Explains the VPN security, Privacy to the Clients, Reliability of Data, Genuineness of Information, and Connection to VPN: SSH and PPP, Concentrator, and Setup Client Software
  • Describes the process of Setting-up VPN, implementing the DHCP service, creating an Enterprise Certificate Authority, Installation of IAS, Configuring an IAS, Creating a Remote Access Policy, Configuring a VPN server, Associate the VPN server with the DHCP server, Configuring a Remote Client, and Test the Client Connection
  • Discusses the implementation and configuration of VPN server, DHCP server, and IAS servers
  • Describes the VPN policies, Internet Service Provider (ISP), Tokens, Client Software for TCH Applications, Non-TCH Entities/Users, Support Services, and Authorization of use of Technology, and VPN Registration and Passwords
  • Explains the risks associated with VPN such as: Security Risk, Third-Party Risk, Business Risk, Implementation Risk, and Operating Risk
  • Details the process of Testing of the VPN product and Flaws associated with VPNs

Wireless Network Security

  • Introduces the concept of Wireless Networks, Types of Wireless Network: based on connection, and based on Geography
  • Explains the components of Wireless Network such as: Access Points, Wireless Cards, Antenna, Wireless Desktop Cards, Wireless Laptop Cards, Wireless USB Adapters, Wireless Internet Video Camera, Digital Media Adapter, Wireless Converters, Wireless Print Server, Wireless Rechargeable Bluetooth mouse
  • Discusses the Wireless Technologies, Personal Communication Services (PCS), Time Division Multiple Access (TDMA), Code Division Multiple Access (CDMA), ARDIS, Bluetooth, Bluetooth Architecture and components, Ultra Wideband
  • Explains the process of detecting Wireless Network, How to Scan Wireless Network, Wardriving, WarChalking, and the working of the wireless network detecting Tool: Kismet, and Netstumbler
  • Discusses the Types of Wireless Threats and Attacks such as: Man in the Middle Attacks, Denial of Service (DoS), Distributed Denial of Service (DDoS), Social Engineering, Weak key Attacks, Dictionary Attacks, Birthday Attacks, Wireless Threats. Provides an overview of Wi-Fi, Open Wi-Fi Vulnerabilities, risks due to Wireless Networks, Wired Equivalent Privacy, WEP Key Cracking Tools, AirSnarf (Wireless Network Attack Tool), and Wellenreiter v2 Tool (to detect MAC Address Spoofing)
  • Explains the wireless Standards, IEEE 802.11a (Wi-Fi), IEEE 802.11b (Wi-Fi), and IEEE 802.11g (Wi-Fi)
  • Describes the process of securing Wireless Communication: Authentication, LDAP, Multifactor Authentication, Authentication Mechanism, Kerberos, WPA, Security Measures, Change the SSID, Use Encryption, Use a VPN, Use a Firewall.
  • Explains the WLAN Security Policy Development issues, goals and characteristics, auditing WLAN Security Policy, RADIUS Authentication, Wireless Auditing, Baselining, and DHCP Services
  • Describes Certificate Management through PKI, Trouble Shooting Wireless Network, Multipath and Hidden Node
  • Explains the process of developing the Wireless Network Security Checklist

Creating Fault Tolerance

  • Discusses the Network Security Fault tolerance, Creating Fault Tolerance, Availability, and Reliability
  • Explains how to plan for Fault Tolerance, Reasons of System Failure such as: Crime, User Error, Environmental Factors, and Routine Technical Events. Discusses Fault Tolerant Network, Reasons For Network Failure such as: Viruses, Trojans, and Intrusion
  • Discusses the Preventive Measures: Backup, Tape Backup: Pros and Cons, Problems with Tape Backup, Practical Tips, UPS and Power Generators, and Access Rights
  • Discusses the Redundant Array of Independent Disks (RAID), RAID Level 0, RAID Level 1, RAID Level 2, RAID Level 3, RAID Level 4, RAID Level 5, Basic Input/Output System (BIOS), RAID 0+1: Striping with Mirroring, Clustered Servers, Simple Server Redundancy, and Archiving
  • Discusses Conducting Deployment Testing, Auditing, and Circuit Redundancy.
  • Discusses the Network Vulnerabilities, Types of Vulnerabilities, Working of Vulnerabilities, Authentication, and Working of Authentication.

Incident Response

  • Introduces an Incident, discusses the categories of Incidents, different types of Incidents, Confidentiality, Integrity and Availability (CIA) related Incidents, reconnaissance attacks, Repudiation, Harassment, Extortion, Pornography Trafficking, organized Crime Activity, Subversion, Hoaxes, and Caveat.
  • Explains how to report an Incident, step-by-step procedure for responding to an Incident, establishing general procedures for responding to incidents, and preparing to respond to incidents
  • Describes the process of managing Incidents, what an Incident Response is, Incident Response Architecture, Policy, Technology, Procedures, Standard and Matrices, Communication, Intrusion Detection, Impact Assessment, Liaison with Agencies, and Information Validation.
  • Explains the Six Step Approach for Incident Handling: Preparation, Detection, Containment, Eradication, Recovery, and Follow-up
  • Describes what an Incident Response Team is, its functional requirements, ways of Communication, and Staffing Issues
  • Discusses the Incident Response Team Life Cycle, Initial, Critical, Established, Post established stages, and Obstacles in building a successful Response Team.
  • Explains the Computer Security Incident Response Team, CSIRT’s organizational models, CSIRT Services.
  • Explains how to conduct a Computer Forensic Investigation

Disaster Recovery and Planning and Risk Analysis

  • Discusses the Disaster Recovery (DR) principles in an organization, types of Disaster Recovery, Backup sites, and Recovery of Small or Large Systems.
  • Explains the steps for Disaster recovery Process
  • Explains the Disaster Recovery Testing and steps, testing Scenarios, and the making of DR Planning Team
  • Discusses the Business Continuity Planning Process (BCP), Business Impact Analysis (BIA) and also discusses the Interview Key Staff, Analyze Present Written Stability Plans and Materials.
  • Describes the BCP: Risk Assessment, Risk Monitoring and other policies, standards and process of BCP, change management policies, Data synchronization, Training employees and planning communities, insurance and Government and Community policy
  • Explains the Business Continuity Management, Six Myths About Business Continuity Management, and Disaster Recovery
  • Describes the Disaster prevention process

Network Vulnerability Assessment (NVA)

  • Discusses the statistics of network vulnerabilities, vulnerability assessment, vulnerability classes, goals and features of good vulnerability assessment, and choice of personnel for network vulnerability assessment team.
  • Explains the network vulnerability assessment methodology and its phases: Phase I: Acquisition, Phase II: Identification, Phase III: Analyzing, Phase IV: Evaluation, and Phase V: Generation.
  • Explains the working of the vulnerability assessment tools, How to assess vulnerability assessment tools, selecting vulnerability assessment tools.
  • Explains the NVA-team checklist and tool: ScanIT Online.